This is mass-mailing worm. It is call Wallon-A.
Essentially, it goes to a dodgy website and downloads a dialler program. Diallers change your modem connection number to a premium rate number without your knowledge or consent…. This is essentially unsolicited mail with a dodgy link.
Roger Thompson of PestPatrol tells me: “it’s a mass mailer, but no attachment… just a URL. The URL goes through a bunch of redirections until it gets to the real website, where it downloads the payload using one of the current exploits.”
Anyway, apologies to everyone for getting it wrong before.